.
.
. Our Company . Services . Transactions . CFPB . Rate Calculator . Contact Us .
.
.
.
Consumer Financial Protection Bureau
.

ALTA Best Practice #3 – Information and Data Privacy

Best Practice 3 – Information and Data Privacy: Adopt and maintain a written privacy and information security plan to protect non-public personal Information as required by local, state and federal law.

Purpose: Federal and state laws (including the Gramm-Leach-Bliley Act) require title companies to develop a written information security program that describes their procedures to protect non-public customer information. The program must be appropriate to the company’s size and complexity, the nature and scope of the company’s activities, and the sensitivity of the customer information the company handles. A company evaluates and adjusts its program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring.

  • The agent has adopted the following procedures to comply with this requirement:
  • Physical security of non-public personal information.
    • The agent has adopted a written data security policy which is attached hereto.
    • The agent restricts access to non-public personal Information to authorized employees who have undergone background checks and credit reports at hiring.
    • Prohibits or controls the use of removable media.
    • Use only secure delivery methods when transmitting non-public personal information. The agent utilizes RPost and ShareFile for secure email.
  • Network security of non-public personal information.
    • The agent maintains secure access to company information technology.
    • Has developed guidelines for the appropriate use of company information technology.
    • Ensures secure collection and transmission of non-public personal information. The company has implemented a technology acceptable use policy.
  • Ensure disposal of non-public personal information.
    • In accordance with Federal law the company that possesses non-public personal information for a business purpose and disposes of such information properly in a manner that protects against unauthorized access to or use of the information.
  • The agent has established a disaster management plan, that is available upon written request.
  • Implemented appropriate management and training of employees to ensure compliance with company’s information security program.
  • Conducts appropriate oversight of service providers to ensure compliance with a company’s information security program.
  • Conducts audit and oversight procedures to ensure compliance with company’s information security program.
  • Notification of security breaches to customers and law enforcement.
  • Other:
    a. Our lobby is separated by a door, receptionist or other controllable portal from our closing rooms and any office work rooms in all of our locations, including our Corporate/ Commercial office, Residential Elite office, and our Woodlands office.
    b. Our server is isolated in a locked closet, in our locked workroom that is only accessible to those with security clearance.
    c. Vendors, such as janitorial services, water and coffee suppliers, etc. that have access to areas that have private/confidential information are escorted by company personnel that are bonded or have undergone background checks and credit checks.
    d. Employees that are able to download data using removable media devices have undergone criminal background checks and comply with the restrictions set by our company’s Data Security Policy.

Data Security Policy                                               Privacy Policy

Data Security Policy download PDF here          Privacy Policy download PDF here

.
.
What title insurance premium can you expect on your real estate transaction? Find out with our rate calculator. . Veritas Title Partners has helped close some of the most notable real estate transactions in the Houston/Gulf Coast region.
.
Copyright © 2017 Veritas Title Partners. All Rights Reserved.